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Tn the Claims : 

Please amend claim 1, 13 and 14 as follows: 

1 . (Amended Twice) A method of preventing undesirable activities of 
Executable Objects via an application, comprising: 

denying to the same application, or one or more of its threads, access to a secured 
resource if said application, or one or more of its threads, has previously exhibited Internet 
behavior and has not met a specific condition for accessing said secured resource[,]; and 

denying said application, or one or more of its threads, Internet behavior if, at a time 
access is sought to the Internet, said application, or one or more of its threads is accessing a 
secured resource. 

2. (Previously Amended) A method according to claim 1 , further comprising 
recording in a memory events representative of Interne, behavior, keeping a record of all secured 
resources that are to be kept secured and when an application that has previously exhibited 
Internet behavior attempts to access one such secured resource, denying access to said secured 

resource, unless: 

a) At least a predetermined period of time has passed since a last 

Internet behavior; or 

b) Said application, or one or more of its threads, has performed at least a 

predetermined number of operations after exhibiting Internet behavior; or 
c) Another preset condition has been fulfilled. 
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3. (Previously Amended) A method according to claim 2, wherein the preset 
condition comprises an exercise of control over execution of dovmloadables received during 
Internet behavior, to ensure that no unexecuted dovmloadable may access the secured resource. 

4. (Previously Amended) A method according to claim 2, wherein the present 
condition comprises an analysis of downloadables to ascertain the dovraloadables are harmless. 

5. (Previously Amended) A method according to claim 1, wherein Internet behavior is 
denied by disabling a network connection creation. 

6. (Previously Amended) A method according to claim 1, wherein Internet behavior 
is denied by disabling specific protocols. 

7. (Previously Amended) A method according to claim 6, wherein the specific protocols 
comprise HTTP, FTP, SMTP, or like communication protocol. 

8. (Previously Amended) A method according to claim 1, wherein Internet behavior 
is denied by disabling a transfer of executable objects in communication protocols. 

9. (Previously Amended) A method according to claim 5, wherein access to trusted 
sites is not denied. 
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1 0. (Previously Amended) A method according to claim 1 , wherein access to a 
secured resource is denied by disabling a thread using a specific system service that is used to 
access the secured resource. 

1 1 (Previously Amended) A method according to claim 1 , wherein all sub-threads of 
a thread that is denied access to a secured resource are also denied access to secured resources. 

12. (Previously Amended) A method according to claim 1 , wherein all sub-threads of 
a thread that is denied Internet behavior are also denied Internet behavior. 

1 3 . (Amended Twice) An [A]apparatus for preventing undesirable activities of 
Executable Objects via an application, comprising: 

a memory for storing a record of Internet behavior of a plurality of applications[,]i and 
means for denying to an application access to a secured resource if the application has 

previously exhibited Internet behavior and has not met a specific condition for accessing said 

secured resource. 

1 4. (Amended Twice) An [Ajapparatus for preventing undesirable activities of 
Executable Objects via an application, comprising: 

a memory of storing a record of Internet behavior of a plurality of applications[,]; and 
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means for denying an application, or one or more of its threads, Internet behavior if, at a 
time access is sought, said application, or one or more of its threads, is accessing a secured 
resource. 

15. (Previously Amended) A system for preventing undesirable activities of 
Executable Objects via an application, comprising a computer on which one or more 
applications are to run, said computer being connectable to the Internet or Intranet, or Extranet, 
said computer being provided with a memory for storing a record of Internet behavior of each of 
said plurality of applications, and means for denying to an application access to a secured 
resource if the application has previously exhibited Internet behavior and has not met a specific 
condition for accessing said secured resource. 

16. (Previously Amended) A system for preventing undesirable activities of 
Executable Objects via an application, comprising a computer on which one or more 
applications are to run, said computer being connectable to the Internet or Intranet or Extranet, 
said computer being provided with a memory for storing a record of Internet behavior of each of 
said plurality of applications, and means for denying an application, or one or more of its 
threads, Internet behavior if, at a time Internet behavior is exhibited, said application, or one or 
more of its threads, is accessing a secured resource. 

17. (Cancelled) 
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1 8. (Original) A method according to claim 2, wherein Internet behavior is 

denied by disabling a network connection creation. 

1 9. (Original) A method according to claim 3, wherein Internet behavior is 
denied by disabling a network connection creation. 

20. (Original) A method according to claim 4, wherein Internet behavior is 
denied by disabling a network connection creation. 

2 1 (Original) A method according to claim 2, wherein Internet behavior is 
denied by disabling specific protocols. 

22. (Original) A method according to claim 3, wherein Internet behavior is 
denied by disabling specific protocols. 

23 . (Original) A method according to claim 4, wherein Internet behavior is 
denied by disabling specific protocols. 

24. (Original) A method according to claim 2 1 wherein the specific protocols 
comprise HTTP, FTP, SMTP, or like communication protocol. 
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25. (Original) A method according to claim 22, wherein the specific protocols 
comprise HTTP, FTP, SMTP, or like communication protocol. 

26. (Original) A method according to claim 23, wherein the specific protocols 
comprise HTTP, FTP, SMTP, or like communication protocol. 

27. (Original) A method according to claim 2, wherein Internet behavior is 
denied by disabling a transfer of executable objects in communication protocols. 

28. (Original) A method according to claim 3, wherein Internet behavior is 
denied by disabling transfer of executable objects in communication protocols. 

29. (Original) A method according to claim 4, wherein Internet behavior is 
denied by disabling a transfer of executable objects in communication protocols, 

30. (Original) A method according to claim 1 , wherein access to trusted sites is 
not denied. 



3 1 . (Original) A method according to claim 2, wherein access to a secured 
resource is denied by disabling a thread using a specific system service that is used to access the 
secured resource. 
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32. (Original) A method according to claim 3, wherein access to a secured 
resource is denied by disabhng a thread using a specific system service that is used to access the 
secured resource. 

33. (Original) A method according to claim 4, wherein access to a secured 
resource is denied by disabling a thread using a specific system service that is used to access the 
secured resource. 
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